<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
  <head>
    <meta http-equiv="Content-Type" content="text/html;charset=utf-8" />
    <title>SIF Implementation Specification 2.2 - Infrastructure Working Group</title>
    <link rel="stylesheet" type="text/css" href="include/document.css" />
    <link rel="stylesheet" type="text/css" href="include/specification.css" />
  </head>
  <body>
    <div class="navigation" id="topnavigation">
      <a href="index.html">home</a>
      <a href="HumanResourcesFinancialsWorkingGroup.html">previous</a>
      <a href="InstructionalServicesTaskForce.html">next</a>
      <a href="index.html#contents">table of contents</a>
      <hr />
    </div>
    <h2>6.9 Infrastructure Working Group</h2>
    <p>
						In addition to SIF messages and strictly infrastructure-related objects like <code>SIF_ZoneStatus</code>, the Infrastructure
						Working Group occasionally defines data model objects that either do not fall neatly within the purview of currently
						existing data model working groups (e.g. the Authentication object) or that can be provided by the ZIS and agents
						alike—typically metadata about a zone as opposed to data directly originating from the K-12 instructional and
						administrative environment (e.g. <code>SIF_LogEntry</code>).
					</p>
    <div class="element_section">
      <a name="Authentication" />
      <a name="691Authentication" />
      <h3 class="element_name">6.9.1 Authentication</h3>
      <p>
							The Authentication object allows a system that stores usernames and/or passwords to share them with other applications through SIF.
							The provider of the Authentication object may only support providing a username or a password, or it may support both.
						</p>
      <p>
							The Authentication object is also able to transmit a user's network identity through SIF.
							If the user has an account in a network directory system that supports LDAP, the user's distinguishedName or username is shared
							to uniquely identify the user to applications that support LDAP or native network authentication options.
						</p>
      <p>Details of how to implement the password element are included below the object definition.</p>
      <p class="emphasized_note">SIF_Events are reported for this object.</p>
      <a name="Figure6911Authentication" />
      <div class="diagram_parent" align="center">
        <a target="_blank" href="diagrams/Authentication.png">
          <img class="diagram" src="diagrams/Authentication.png" alt="Authentication" width="1253" height="450" usemap="#Authentication__map" />
        </a>
      </div>
      <span class="caption">Figure 6.9.1-1: Authentication</span><map name="Authentication__map" id="Authentication__map">
  <area alt="Authentication" href="#Authentication" shape="rect" coords="5,247,153,287" />
  <area alt="RefId" href="#Authentication___RefId" shape="rect" coords="228,15,303,55" />
  <area alt="SIF_RefId" href="#Authentication___SIF_RefId" shape="rect" coords="318,15,428,55" />
  <area alt="SIF_RefObject" href="#Authentication___SIF_RefObject" shape="rect" coords="443,15,589,55" />
  <area alt="AuthenticationInfo" href="#Authentication__AuthenticationInfo" shape="rect" coords="228,192,406,232" />
  <area alt="System" href="#Authentication__AuthenticationInfo__System" shape="rect" coords="518,100,620,140" />
  <area alt="Type" href="#Authentication__AuthenticationInfo__System___Type" shape="rect" coords="780,100,852,140" />
  <area alt="Username" href="#Authentication__AuthenticationInfo__Username" shape="rect" coords="518,165,631,205" />
  <area alt="DistinguishedName" href="#Authentication__AuthenticationInfo__DistinguishedName" shape="rect" coords="518,220,705,260" />
  <area alt="PasswordList" href="#Authentication__AuthenticationInfo__PasswordList" shape="rect" coords="518,285,658,325" />
  <area alt="Password" href="#Authentication__AuthenticationInfo__PasswordList__Password" shape="rect" coords="780,285,891,325" />
  <area alt="Algorithm" href="#Authentication__AuthenticationInfo__PasswordList__Password___Algorithm" shape="rect" coords="966,285,1078,325" />
  <area alt="KeyName" href="#Authentication__AuthenticationInfo__PasswordList__Password___KeyName" shape="rect" coords="1093,285,1202,325" />
  <area alt="SIF_Metadata" href="#Authentication__SIF_Metadata" shape="rect" coords="228,350,367,390" />
  <area alt="SIF_ExtendedElements" href="#Authentication__SIF_ExtendedElements" shape="rect" coords="228,405,443,445" />
</map><a name="Table6911Authentication" /><table class="definition"><thead><tr><th> </th><th>Element/@Attribute</th><th>Char</th><th>Description</th><th>Type</th></tr></thead><tbody><tr><td class="indicators"> </td><td class="element"><a name="Authentication" /><span class="rootElement">Authentication</span></td><td class="emptycell">&#xA0;</td><td class="description"><p>
								The Authentication object allows a system that stores usernames and/or passwords to share them with other applications through SIF.
								The provider of the Authentication object may only support providing a username or a password, or it may support both.
							</p><p>
								The Authentication object is also able to transmit a user's network identity through SIF.
								If the user has an account in a network directory system that supports LDAP, the user's distinguishedName or username is shared
								to uniquely identify the user to applications that support LDAP or native network authentication options.
							</p>&#xA0;</td><td class="emptycell">&#xA0;</td></tr><tr><td class="indicators">@<br /><img class="key" src="images/key.png" alt="key" /></td><td class="attribute"><a name="Authentication___RefId" />RefId</td><td class="characteristics">M</td><td class="description"><p>The SIF RefId that uniquely identifies this authentication object.</p>&#xA0;</td><td class="type"><a href="CommonTypes.html#RefIdType" class="type">RefIdType</a></td></tr><tr><td class="indicators">@</td><td class="attribute"><a name="Authentication___SIF_RefId" />SIF_RefId</td><td class="characteristics">M</td><td class="description"><p>The SIF RefId of a student or staff member</p>&#xA0;</td><td class="type"><a href="CommonTypes.html#IdRefType" class="type">IdRefType</a></td></tr><tr><td class="indicators">@</td><td class="attribute"><a name="Authentication___SIF_RefObject" />SIF_RefObject</td><td class="characteristics">M</td><td class="description"><p>The type of SIF object that the SIF_RefId attribute identifies.</p>&#xA0;</td><td class="type"><span class="title">values:</span><br /><dl><dt>StudentPersonal</dt><dt>StaffPersonal</dt><dt>StudentContact</dt><dt>EmployeePersonal</dt></dl></td></tr><tr><td class="indicators"> </td><td class="element"><a name="Authentication__AuthenticationInfo" />AuthenticationInfo</td><td class="characteristics">M</td><td class="description"><p>The authentication information for one system.</p>&#xA0;</td><td class="emptycell">&#xA0;</td></tr><tr><td class="indicators"> </td><td class="element"><a name="Authentication__AuthenticationInfo__System" />AuthenticationInfo/System<br/>&#160;&#160;&#160;&#160;&#160;</td><td class="characteristics">M</td><td class="description"><p>An identifying string for the system that supports this authentication information.</p>&#xA0;</td><td class="type"><a href="http://www.w3.org/TR/xmlschema-2/#normalizedString" class="type">xs:normalizedString</a><br /><table><tr><td><a href="http://www.w3.org/TR/xmlschema-2/#rf-length">xs:maxLength</a></td><td>255</td></tr></table></td></tr><tr><td class="indicators">@</td><td class="attribute"><a name="Authentication__AuthenticationInfo__System___Type" />Type</td><td class="characteristics">M</td><td class="description"><p>Specific type of user identification.</p>&#xA0;</td><td class="type"><span class="title">values:</span><br /><dl><dt>Network</dt><dt>Application</dt></dl></td></tr><tr><td class="indicators"> </td><td class="element"><a name="Authentication__AuthenticationInfo__Username" />AuthenticationInfo/Username<br/>&#160;&#160;&#160;&#160;&#160;</td><td class="characteristics">O</td><td class="description"><p>The identification string for this user.</p>&#xA0;</td><td class="type"><a href="http://www.w3.org/TR/xmlschema-2/#normalizedString" class="type">xs:normalizedString</a><br /><table><tr><td><a href="http://www.w3.org/TR/xmlschema-2/#rf-length">xs:maxLength</a></td><td>64</td></tr></table></td></tr><tr><td class="indicators"> </td><td class="element"><a name="Authentication__AuthenticationInfo__DistinguishedName" />AuthenticationInfo/DistinguishedName<br/>&#160;&#160;&#160;&#160;&#160;</td><td class="characteristics">O</td><td class="description"><p>This is the distinguished name of the user in a network directory system.</p>&#xA0;</td><td class="type"><a href="http://www.w3.org/TR/xmlschema-2/#normalizedString" class="type">xs:normalizedString</a><br /><table><tr><td><a href="http://www.w3.org/TR/xmlschema-2/#rf-length">xs:maxLength</a></td><td>255</td></tr></table></td></tr><tr><td class="indicators"> </td><td class="element"><a name="Authentication__AuthenticationInfo__PasswordList" />AuthenticationInfo/PasswordList<br/>&#160;&#160;&#160;&#160;&#160;</td><td class="characteristics">O</td><td class="description"><p>Allows a provider or publisher to specify the same password using multiple algorithms, if supported.</p>&#xA0;</td><td class="type"><a class="type" href="DataModel.html#List">List</a></td></tr><tr><td class="indicators"> </td><td class="element"><a name="Authentication__AuthenticationInfo__PasswordList__Password" />AuthenticationInfo/PasswordList/<br/>&#160;&#160;&#160;&#160;&#160;Password</td><td class="characteristics">MR</td><td class="description"><p>A representation of the user's password using the given algorithm.</p>&#xA0;</td><td class="type"><a href="http://www.w3.org/TR/xmlschema-2/#base64Binary" class="type">xs:base64Binary</a><br /><table><tr><td><a href="http://www.w3.org/TR/xmlschema-2/#rf-length">xs:maxLength</a></td><td>255</td></tr></table></td></tr><tr><td class="indicators">@</td><td class="attribute"><a name="Authentication__AuthenticationInfo__PasswordList__Password___Algorithm" />Algorithm</td><td class="characteristics">M</td><td class="description"><p>The method used to encrypt the user's password. See the implementation details below.</p>&#xA0;</td><td class="type"><span class="title">values:</span><br /><dl><dt>base64</dt><dt>MD5</dt><dt>SHA1</dt><dt>DES</dt><dt>TripleDES</dt><dt>RC2</dt><dt>AES</dt><dt>RSA</dt></dl></td></tr><tr><td class="indicators">@</td><td class="attribute"><a name="Authentication__AuthenticationInfo__PasswordList__Password___KeyName" />KeyName</td><td class="characteristics">M</td><td class="description"><p>The name of the key to be used for decryption of the password.  Left blank for plain, encoded text (Algorithm attribute value of "base64") and hash algorithms.</p>&#xA0;</td><td class="type"><a href="http://www.w3.org/TR/xmlschema-2/#normalizedString" class="type">xs:normalizedString</a><br /><table><tr><td><a href="http://www.w3.org/TR/xmlschema-2/#rf-length">xs:maxLength</a></td><td>64</td></tr></table></td></tr><tr><td class="indicators"> </td><td class="element"><a name="Authentication__SIF_Metadata" />SIF_Metadata</td><td class="characteristics">O</td><td class="description">&#xA0;</td><td class="type"><a href="DataModelTaskForce.html#SIF_Metadata" class="type">SIF_Metadata</a></td></tr><tr><td class="indicators"> </td><td class="element"><a name="Authentication__SIF_ExtendedElements" />SIF_ExtendedElements</td><td class="characteristics">O</td><td class="description">&#xA0;</td><td class="type"><a href="DataModel.html#SIF_ExtendedElements" class="type">SIF_ExtendedElements</a></td></tr></tbody></table><span class="caption">Table 6.9.1-1: Authentication</span><a name="PasswordImplementationDetails" /><h4>6.9.1.1 Password Implementation Details</h4><p>
							While Authentication objects transported over SIF HTTPS are typically secure in transit, SIF objects are often stored in logs and databases.
							If the network infrastructure is not secure, the passwords could be subject to snooping from system users.
							Because of this, the design of the Authentication object requires that passwords never be transmitted in plain text, to prevent casual viewing.
							The design of this object allows passwords to be securely encrypted using a variety of encryption algorithms.
						</p><p>
							Passwords in the Authentication object can be shared in one of three ways as documented in the sections below.
						</p><a name="EncodedText" /><h5>6.9.1.1.1 Encoded Text</h5><p>
								Sharing a password using encoded text is a very insecure method, because it uses a well-known algorithm and the value is not encrypted.
								The only merit of using this method is that the password is not readable as plain text, and thus deters any casual attempt to read a password.
								To share passwords in this manner, the following steps must be followed:
							</p><ol><li>
									The publishing agent creates a <code>Password</code> element with the algorithm set to <code>base64</code>.
								</li><li>The agent encodes the Unicode representation of the password using the UTF-8 encoding.</li><li>The resulting binary value is then base64 encoded.</li><li>
									Write the result as the payload of the <code>Password</code> element.
								</li></ol><a name="HashedText" /><h5>6.9.1.1.2 Hashed Text</h5><p>
								Sharing a hashed text version of a password means that the original password is not shared.
								Clear text passwords are not retrievable from values stored as hashes.
								These hashed values can only be used to verify passwords input by a user.
							</p><p>
								What is shared is a cryptographically secure hash of the password.
								This hash allows other applications to verify a user's password when s/he logs in by comparing the hash value, not the original password.
								To share passwords in this manner, the following steps must be followed:
							</p><ol><li>
									The publishing agent creates a <code>Password</code> element with the algorithm set to <code>MD5</code> or <code>SHA1</code>.
								</li><li>The agent encodes the Unicode representation of the password using the UTF-8 encoding.</li><li>Hash the resulting binary value with the chosen hash algorithm.</li><li>Encode the binary result using base64 encoding.</li><li>
									Write the result as the payload of the <code>Password</code> element.
								</li></ol><a name="EncryptedText" /><h5>6.9.1.1.3 Encrypted Text</h5><p>
								Sharing a password using encrypted text can be very secure.
								The key being used to encrypt the data should be known only to the applications.
								The <code>KeyName</code> attribute is used to allow agents to uniquely identify keys that are being used.
								To share passwords in this manner, the following steps must be followed:
							</p><ol><li>
									The publishing agent creates a <code>Password</code> element with the algorithm set to <code>DES</code>, <code>TripleDES</code>, <code>RC2</code>,  or <code>AES</code>.
								</li><li>The agent encodes the Unicode representation of the password using the UTF-8 encoding.</li><li>Generate a cryptographically secure Initialization Vector (IV).</li><li>Configure the encryption algorithm to use a cipher mode of CBC.</li><li>Configure the encryption algorithm to use a block size of 64 bits (8 bytes).</li><li>Configure the encryption algorithm to use the generated IV.</li><li>Configure the encryption algorithm to use the specified key for encryption.</li><li>Configure the encryption algorithm to use PKCS#7/PKCS#5 padding mode.</li><li>Encrypt the binary representation of the password that was generated in step 2.</li><li>Encode the binary result using base64 encoding.</li><li>
									Write the result as the payload of the <code>Password</code> element.
								</li></ol><a name="ExampleKeys" /><h6>6.9.1.1.3.1 Example Keys</h6><p>
									The XML in the Authentication example can be used to verify an agent's implementation of any of the published algorithms.
									The password being shared for the sake of the example is <code>¿sècrèt</code>.
									High-Unicode characters are being used in this example to validate proper encoding.
									The actual Unicode characters are: U+00BF, U+0073, U+00E8, U+0063, U+0072, U+00E8, U+0074.
								</p><p>The encryption keys being used are as follows (in base 64 format)</p><table><thead><tr><td>Key Name</td><td>Key (in base64 format)</td></tr></thead><tr><td>64-BIT_KEY</td><td>dW7SKzwdn0Q=</td></tr><tr><td>128-BIT_KEY</td><td>TcdilmUZ6qvbmegl2it2pA==</td></tr><tr><td>192-BIT_KEY</td><td>mECbXMo+fOMWRwam7tyUEE59jbO9O0Z4</td></tr></table><p>
									NOTE: Real-world implementations of password sharing should use keys other than the ones used for this documentation.
									These keys are provided for example's sake only.
									Keys should be generated using a secure cryptographic key generator.
								</p><a name="Example6911Authentication" />
<div class="example_parent"><div class="example"
>&lt;Authentication RefId="4286194F43ED43C18EE2F0A27C4BEF86" SIF_RefId="23B08571E4D645C3B82A3E52E5349925" SIF_RefObject="StudentPersonal"&gt;
  &lt;AuthenticationInfo&gt;
    &lt;System Type="Network"&gt;NetworkSystem&lt;/System&gt;
    &lt;Username&gt;User01&lt;/Username&gt;
    &lt;DistinguishedName&gt;cn=User01, cn=Users, dc=sifinfo, dc=org&lt;/DistinguishedName&gt;
    &lt;PasswordList&gt;
      &lt;Password Algorithm="SHA1" KeyName="SHA1"&gt;1zKHIKRoPb3y0gZLJnFhQspdevg=&lt;/Password&gt;
      &lt;Password Algorithm="MD5" KeyName="MD5"&gt;IwErjiNuanYLAmyFwyulPg==&lt;/Password&gt;
      &lt;Password Algorithm="base64" KeyName="BASE64"&gt;wr9zw6hjcsOodA==&lt;/Password&gt;
      &lt;Password Algorithm="DES" KeyName="64-BIT_KEY"&gt;6XSjrzAgkrd41Nzb61w5vwuqzKsQbybL&lt;/Password&gt;
      &lt;Password Algorithm="RC2" KeyName="128-BIT_KEY"&gt;jqCzWFS38Xs7tx7v2ksa01TrFhBnixI8&lt;/Password&gt;
      &lt;Password Algorithm="TripleDES" KeyName="192-BIT_KEY"&gt;msf17ucBbhN44uJpXTGGfI3twSR/cS/u&lt;/Password&gt;
    &lt;/PasswordList&gt;
  &lt;/AuthenticationInfo&gt;
&lt;/Authentication&gt;
</div></div><span class="caption">Example 6.9.1-1: Authentication</span></div>
    <div class="element_section">
      <a name="SIF_LogEntry" />
      <a name="692SIF_LogEntry" />
      <h3 class="element_name">6.9.2 SIF_LogEntry</h3>
      <p>
								This object captures an occurrence within a SIF node (ZIS or agent)—error, warning or information—for storage in an optionally provided zone log.
								SIF_LogEntry Adds are reported and are used to post new log entries to the provider of the log.
								Of course, subscribing agents may also filter incoming Adds as part of their own logging mechanism.
								Any Change or Delete SIF_Events should be ignored at the agent level, but should be routed by the
								ZIS (though this should not be necessary). Use of the log is optional and voluntary, except where noted as mandatory in this specification.
								Nodes may post as much or as little log data as required with the expectation that if there is a provider of SIF_LogEntry that the logged entries be available
								for a provider-defined amount of time subject to provider-defined restrictions on the quantity of data
								logged by any given node.
							</p>
      <p class="emphasized_note">SIF_Events are reported for this object.</p>
      <a name="Figure6921SIF_LogEntry" />
      <div class="diagram_parent" align="center">
        <a target="_blank" href="diagrams/SIF_LogEntry.png">
          <img class="diagram" src="diagrams/SIF_LogEntry.png" alt="SIF_LogEntry" width="1121" height="650" usemap="#SIF_LogEntry__map" />
        </a>
      </div>
      <span class="caption">Figure 6.9.2-1: SIF_LogEntry</span><map name="SIF_LogEntry__map" id="SIF_LogEntry__map">
  <area alt="SIF_LogEntry" href="#SIF_LogEntry" shape="rect" coords="5,347,145,387" />
  <area alt="Source" href="#SIF_LogEntry___Source" shape="rect" coords="220,15,310,55" />
  <area alt="LogLevel" href="#SIF_LogEntry___LogLevel" shape="rect" coords="325,15,431,55" />
  <area alt="SIF_LogEntryHeader" href="#SIF_LogEntry__SIF_LogEntryHeader" shape="rect" coords="220,90,416,130" />
  <area alt="SIF_Header" href="#SIF_LogEntry__SIF_LogEntryHeader__SIF_Header" shape="rect" coords="698,90,830,130" />
  <area alt="SIF_OriginalHeader" href="#SIF_LogEntry__SIF_OriginalHeader" shape="rect" coords="220,145,406,185" />
  <area alt="SIF_Header" href="#SIF_LogEntry__SIF_OriginalHeader__SIF_Header" shape="rect" coords="698,145,830,185" />
  <area alt="SIF_Category" href="#SIF_LogEntry__SIF_Category" shape="rect" coords="220,200,359,240" />
  <area alt="SIF_Code" href="#SIF_LogEntry__SIF_Code" shape="rect" coords="220,255,623,295" />
  <area alt="SIF_ApplicationCode" href="#SIF_LogEntry__SIF_ApplicationCode" shape="rect" coords="220,310,419,350" />
  <area alt="SIF_Desc" href="#SIF_LogEntry__SIF_Desc" shape="rect" coords="220,365,327,405" />
  <area alt="SIF_ExtendedDesc" href="#SIF_LogEntry__SIF_ExtendedDesc" shape="rect" coords="220,420,401,460" />
  <area alt="SIF_LogObjects" href="#SIF_LogEntry__SIF_LogObjects" shape="rect" coords="220,485,378,525" />
  <area alt="SIF_LogObject" href="#SIF_LogEntry__SIF_LogObjects__SIF_LogObject" shape="rect" coords="698,485,847,525" />
  <area alt="ObjectName" href="#SIF_LogEntry__SIF_LogObjects__SIF_LogObject___ObjectName" shape="rect" coords="922,485,1070,525" />
  <area alt="SIF_Metadata" href="#SIF_LogEntry__SIF_Metadata" shape="rect" coords="220,550,359,590" />
  <area alt="SIF_ExtendedElements" href="#SIF_LogEntry__SIF_ExtendedElements" shape="rect" coords="220,605,435,645" />
</map><a name="Table6921SIF_LogEntry" /><table class="definition"><thead><tr><th> </th><th>Element/@Attribute</th><th>Char</th><th>Description</th><th>Type</th></tr></thead><tbody><tr><td class="indicators"> </td><td class="element"><a name="SIF_LogEntry" /><span class="rootElement">SIF_LogEntry</span></td><td class="emptycell">&#xA0;</td><td class="description"><p>
								This object captures an occurrence within a SIF node (ZIS or agent)—error, warning or information—for storage in an optionally provided zone log.
								SIF_LogEntry Adds are reported and are used to post new log entries to the provider of the log.
								Of course, subscribing agents may also filter incoming Adds as part of their own logging mechanism.
								Any Change or Delete SIF_Events should be ignored at the agent level, but should be routed by the
								ZIS (though this should not be necessary). Use of the log is optional and voluntary, except where noted as mandatory in this specification.
								Nodes may post as much or as little log data as required with the expectation that if there is a provider of SIF_LogEntry that the logged entries be available
								for a provider-defined amount of time subject to provider-defined restrictions on the quantity of data
								logged by any given node.
							</p>&#xA0;</td><td class="emptycell">&#xA0;</td></tr><tr><td class="indicators">@</td><td class="attribute"><a name="SIF_LogEntry___Source" />Source</td><td class="characteristics">M</td><td class="description"><p>The SIF node that logged this entry.</p>&#xA0;</td><td class="type"><span class="title">values:</span><br /><dl><dt>Agent</dt><dt>ZIS</dt></dl></td></tr><tr><td class="indicators">@</td><td class="attribute"><a name="SIF_LogEntry___LogLevel" />LogLevel</td><td class="characteristics">M</td><td class="description"><p>The level of the log entry herein described.</p>&#xA0;</td><td class="type"><span class="title">values:</span><br /><dl><dt>Info</dt><dt>Warning</dt><dt>Error</dt></dl></td></tr><tr><td class="indicators"> </td><td class="element"><a name="SIF_LogEntry__SIF_LogEntryHeader" />SIF_LogEntryHeader</td><td class="characteristics">M</td><td class="description"><p>
								This is a copy of the SIF_Event/SIF_Header in the message that added this SIF_LogEntry to the zone.
								This copy facilitates querying log entries with regard to source, time, optionally destination, etc.
							</p>&#xA0;</td><td class="emptycell">&#xA0;</td></tr><tr><td class="indicators"> </td><td class="element"><a name="SIF_LogEntry__SIF_LogEntryHeader__SIF_Header" />SIF_LogEntryHeader/SIF_Header<br/>&#160;&#160;&#160;&#160;&#160;</td><td class="characteristics">M</td><td class="description">&#xA0;</td><td class="type"><a href="Infrastructure.html#SIF_Header" class="type">SIF_Header</a></td></tr><tr><td class="indicators"> </td><td class="element"><a name="SIF_LogEntry__SIF_OriginalHeader" />SIF_OriginalHeader</td><td class="characteristics">O</td><td class="description"><p>
								If this log entry references a previous SIF_Message,
								this element contains a copy of the referenced message's SIF_Header.
							</p>&#xA0;</td><td class="emptycell">&#xA0;</td></tr><tr><td class="indicators"> </td><td class="element"><a name="SIF_LogEntry__SIF_OriginalHeader__SIF_Header" />SIF_OriginalHeader/SIF_Header<br/>&#160;&#160;&#160;&#160;&#160;</td><td class="characteristics">M</td><td class="description">&#xA0;</td><td class="type"><a href="Infrastructure.html#SIF_Header" class="type">SIF_Header</a></td></tr><tr><td class="indicators"> </td><td class="element"><a name="SIF_LogEntry__SIF_Category" />SIF_Category</td><td class="characteristics">C</td><td class="description"><p>A SIF_LogEntry category. May be omitted for informational-type postings, where typically a textual description will suffice.</p><p>
								Note that categories may be combined with the Source attribute of SIF_LogEntry to differentiate agent error conditions from ZIS error conditions.
							</p>&#xA0;</td><td class="type"><span class="title">values:</span><br /><dl><dt>1</dt><dd>Success</dd><dt>2</dt><dd>Data Issues with Success Result</dd><dt>3</dt><dd>Data Issues with Failure Result</dd><dt>4</dt><dd>Error Conditions</dd></dl></td></tr><tr><td class="indicators"> </td><td class="element"><a name="SIF_LogEntry__SIF_Code" />SIF_Code</td><td class="characteristics">O</td><td class="description"><p>A SIF_LogEntry code with regard to SIF_Category above. May be omitted for informational-type postings, where typically a textual description will suffice. If a SIF_Code is included, SIF_Category must be included as well.</p>&#xA0;</td><td class="type"><span class="title">union of:</span><br /><br /><a href="CodeSets.html#SIF_LogEntrySuccessCategoryType" class="type">SIF_LogEntrySuccessCategoryType</a><br /><a href="CodeSets.html#SIF_LogEntryDataIssuesWithSuccessResultType" class="type">SIF_LogEntryDataIssuesWithSuccessResultType</a><br /><a href="CodeSets.html#SIF_LogEntryDataIssuesWithFailureResultType" class="type">SIF_LogEntryDataIssuesWithFailureResultType</a><br /><a href="CodeSets.html#SIF_LogEntryAgentErrorConditionType" class="type">SIF_LogEntryAgentErrorConditionType</a><br /><a href="CodeSets.html#SIF_LogEntryZISErrorConditionType" class="type">SIF_LogEntryZISErrorConditionType</a></td></tr><tr><td class="indicators"> </td><td class="element"><a name="SIF_LogEntry__SIF_ApplicationCode" />SIF_ApplicationCode</td><td class="characteristics">O</td><td class="description"><p>
								An error code specific to the application posting the entry.
								Can be used by vendors to query log entries for errors specific to their applications.
								If a SIF_ApplicationCode is included, SIF_Category must be included as well;
								i.e., application-specific error codes should fall within one of the defined log entry categories.
							</p>&#xA0;</td><td class="type"><a href="http://www.w3.org/TR/xmlschema-2/#normalizedString" class="type">xs:normalizedString</a><br /><table><tr><td><a href="http://www.w3.org/TR/xmlschema-2/#rf-length">xs:maxLength</a></td><td>64</td></tr></table></td></tr><tr><td class="indicators"> </td><td class="element"><a name="SIF_LogEntry__SIF_Desc" />SIF_Desc</td><td class="characteristics">M</td><td class="description"><p>A textual description of the error.</p>&#xA0;</td><td class="type"><a href="http://www.w3.org/TR/xmlschema-2/#string" class="type">xs:string</a><br /><table><tr><td><a href="http://www.w3.org/TR/xmlschema-2/#rf-length">xs:maxLength</a></td><td>1024</td></tr></table></td></tr><tr><td class="indicators"> </td><td class="element"><a name="SIF_LogEntry__SIF_ExtendedDesc" />SIF_ExtendedDesc</td><td class="characteristics">O</td><td class="description"><p>Any extended error description.</p>&#xA0;</td><td class="type"><a href="http://www.w3.org/TR/xmlschema-2/#string" class="type">xs:string</a></td></tr><tr><td class="indicators"> </td><td class="element"><a name="SIF_LogEntry__SIF_LogObjects" />SIF_LogObjects</td><td class="characteristics">O</td><td class="description">&#xA0;</td><td class="type"><a class="type" href="DataModel.html#List">List</a></td></tr><tr><td class="indicators"> </td><td class="element"><a name="SIF_LogEntry__SIF_LogObjects__SIF_LogObject" />SIF_LogObjects/SIF_LogObject<br/>&#160;&#160;&#160;&#160;&#160;</td><td class="characteristics">MR</td><td class="description"><p>Any SIF data objects to which this log entry may apply.</p>&#xA0;</td><td class="type"><a href="CommonTypes.html#SIF_ResponseObjectType" class="type">SIF_ResponseObjectType</a></td></tr><tr><td class="indicators">@</td><td class="attribute"><a name="SIF_LogEntry__SIF_LogObjects__SIF_LogObject___ObjectName" />ObjectName</td><td class="characteristics">M</td><td class="description"><p>The name of the SIF object referenced (e.g. StudentPersonal).</p>&#xA0;</td><td class="type"><a href="CommonTypes.html#SIF_RequestObjectNamesType" class="type">SIF_RequestObjectNamesType</a></td></tr><tr><td class="indicators"> </td><td class="element"><a name="SIF_LogEntry__SIF_Metadata" />SIF_Metadata</td><td class="characteristics">O</td><td class="description">&#xA0;</td><td class="type"><a href="DataModelTaskForce.html#SIF_Metadata" class="type">SIF_Metadata</a></td></tr><tr><td class="indicators"> </td><td class="element"><a name="SIF_LogEntry__SIF_ExtendedElements" />SIF_ExtendedElements</td><td class="characteristics">O</td><td class="description">&#xA0;</td><td class="type"><a href="DataModel.html#SIF_ExtendedElements" class="type">SIF_ExtendedElements</a></td></tr></tbody></table><span class="caption">Table 6.9.2-1: SIF_LogEntry</span><a name="Example6921SIF_LogEntryWhenAnAgentEncountersASystemFailure" />
<div class="example_parent"><div class="example"
>&lt;SIF_LogEntry Source="Agent" LogLevel="Error"&gt;
  &lt;SIF_LogEntryHeader&gt;
    &lt;SIF_Header&gt;
      &lt;SIF_MsgId&gt;83252CE5C5F14FD88607F645224E4CAA&lt;/SIF_MsgId&gt;
      &lt;SIF_Timestamp&gt;2006-08-19T10:36:00-05:00&lt;/SIF_Timestamp&gt;
      &lt;SIF_SourceId&gt;RamseySISAgent&lt;/SIF_SourceId&gt;
    &lt;/SIF_Header&gt;
  &lt;/SIF_LogEntryHeader&gt;
  &lt;SIF_Category&gt;4&lt;/SIF_Category&gt;
  &lt;SIF_Code&gt;1&lt;/SIF_Code&gt;
  &lt;SIF_Desc&gt;Agent has run out of memory and will shut down&lt;/SIF_Desc&gt;
  &lt;SIF_ExtendedDesc&gt;OutOfMemoryException: ...&lt;/SIF_ExtendedDesc&gt;
&lt;/SIF_LogEntry&gt;
</div></div><span class="caption">Example 6.9.2-1: SIF_LogEntry when an agent encounters a system failure</span><a name="Example6922SIF_LogEntryWhenAnAgentFailsToDeleteAStudent" />
<div class="example_parent"><div class="example"
>&lt;SIF_LogEntry Source="Agent" LogLevel="Error"&gt;
  &lt;SIF_LogEntryHeader&gt;
    &lt;SIF_Header&gt;
      &lt;SIF_MsgId&gt;BA86894B795A4EB7A45093AD1CDBA54C&lt;/SIF_MsgId&gt;
      &lt;SIF_Timestamp&gt;2006-08-19T10:39:00-05:00&lt;/SIF_Timestamp&gt;
      &lt;SIF_SourceId&gt;RamseySISAgent&lt;/SIF_SourceId&gt;
    &lt;/SIF_Header&gt;
  &lt;/SIF_LogEntryHeader&gt;
  &lt;SIF_OriginalHeader&gt;
    &lt;SIF_Header&gt;
      &lt;SIF_MsgId&gt;74234DCB460A4BCB8937B07467EA73CC&lt;/SIF_MsgId&gt;
      &lt;SIF_Timestamp&gt;2006-08-19T10:29:00-05:00&lt;/SIF_Timestamp&gt;
      &lt;SIF_SourceId&gt;RamseyLibraryAgent&lt;/SIF_SourceId&gt;
    &lt;/SIF_Header&gt;
  &lt;/SIF_OriginalHeader&gt;
  &lt;SIF_Category&gt;3&lt;/SIF_Category&gt;
  &lt;SIF_Code&gt;2&lt;/SIF_Code&gt;
  &lt;SIF_ApplicationCode&gt;-33&lt;/SIF_ApplicationCode&gt;
  &lt;SIF_Desc&gt;Could not delete student John Smith due to business rule&lt;/SIF_Desc&gt;
  &lt;SIF_LogObjects&gt;
    &lt;SIF_LogObject ObjectName="StudentPersonal"&gt;
      &lt;StudentPersonal RefId="76D3A70232FE40D7A5D43A7A317EAEF9"&gt;
        &lt;AlertMessages&gt;
          &lt;AlertMessage Type="Legal"&gt;This is the Legal Alert for Joe Student&lt;/AlertMessage&gt;
        &lt;/AlertMessages&gt;
        &lt;LocalId&gt;P00001&lt;/LocalId&gt;
        &lt;StateProvinceId&gt;WB0025&lt;/StateProvinceId&gt;
        &lt;ElectronicIdList&gt;
          &lt;ElectronicId Type="Barcode"&gt;206654&lt;/ElectronicId&gt;
        &lt;/ElectronicIdList&gt;
        &lt;Name Type="04"&gt;
          &lt;LastName&gt;Student&lt;/LastName&gt;
          &lt;FirstName&gt;Joe&lt;/FirstName&gt;
          &lt;MiddleName /&gt;
          &lt;PreferredName&gt;Joe&lt;/PreferredName&gt;
        &lt;/Name&gt;
        &lt;Demographics&gt;
          &lt;Gender&gt;M&lt;/Gender&gt;
        &lt;/Demographics&gt;
        &lt;AddressList&gt;
          &lt;Address Type="0123"&gt;
            &lt;Street&gt;
              &lt;Line1&gt;6799 33rd Ave.&lt;/Line1&gt;
              &lt;StreetNumber&gt;6799&lt;/StreetNumber&gt;
              &lt;StreetName&gt;33rd&lt;/StreetName&gt;
              &lt;StreetType&gt;Ave.&lt;/StreetType&gt;
            &lt;/Street&gt;
            &lt;City&gt;Chicago&lt;/City&gt;
            &lt;StateProvince&gt;IL&lt;/StateProvince&gt;
            &lt;Country&gt;US&lt;/Country&gt;
            &lt;PostalCode&gt;60660&lt;/PostalCode&gt;
          &lt;/Address&gt;
        &lt;/AddressList&gt;
        &lt;PhoneNumberList&gt;
          &lt;PhoneNumber Type="0096"&gt;
            &lt;Number&gt;(312) 555-1234&lt;/Number&gt;
          &lt;/PhoneNumber&gt;
        &lt;/PhoneNumberList&gt;
        &lt;EmailList&gt;
          &lt;Email Type="Primary"&gt;Joe.Student@anyschool.com&lt;/Email&gt;
        &lt;/EmailList&gt;
        &lt;OnTimeGraduationYear&gt;2007&lt;/OnTimeGraduationYear&gt;
      &lt;/StudentPersonal&gt;
    &lt;/SIF_LogObject&gt;
  &lt;/SIF_LogObjects&gt;
&lt;/SIF_LogEntry&gt;
</div></div><span class="caption">Example 6.9.2-2: SIF_LogEntry when an agent fails to delete a student</span><a name="Example6923SIF_LogEntryWhenAnAgentStartsSynchronizingData" />
<div class="example_parent"><div class="example"
>&lt;SIF_LogEntry Source="Agent" LogLevel="Info"&gt;
  &lt;SIF_LogEntryHeader&gt;
    &lt;SIF_Header&gt;
      &lt;SIF_MsgId&gt;64B0CC6CFB314A328E520A102229CBC8&lt;/SIF_MsgId&gt;
      &lt;SIF_Timestamp&gt;2006-08-19T10:46:00-05:00&lt;/SIF_Timestamp&gt;
      &lt;SIF_SourceId&gt;RamseySISAgent&lt;/SIF_SourceId&gt;
    &lt;/SIF_Header&gt;
  &lt;/SIF_LogEntryHeader&gt;
  &lt;SIF_Desc&gt;Agent starting synchronization&lt;/SIF_Desc&gt;
&lt;/SIF_LogEntry&gt;
</div></div><span class="caption">Example 6.9.2-3: SIF_LogEntry when an agent starts synchronizing data</span><a name="Example6924SIF_LogEntryWhenAZISFailsToDeliverAMessageDueToBufferSizeLimitations" />
<div class="example_parent"><div class="example"
>&lt;SIF_LogEntry Source="ZIS" LogLevel="Error"&gt;
  &lt;SIF_LogEntryHeader&gt;
    &lt;SIF_Header&gt;
      &lt;SIF_MsgId&gt;BC1D982CEC5F49D998169930FE5B271C&lt;/SIF_MsgId&gt;
      &lt;SIF_Timestamp&gt;2006-08-19T10:49:00-05:00&lt;/SIF_Timestamp&gt;
      &lt;SIF_SourceId&gt;RamseyZIS&lt;/SIF_SourceId&gt;
    &lt;/SIF_Header&gt;
  &lt;/SIF_LogEntryHeader&gt;
  &lt;SIF_OriginalHeader&gt;
    &lt;SIF_Header&gt;
      &lt;SIF_MsgId&gt;74234DCB460A4BCB8937B07467EA73CC&lt;/SIF_MsgId&gt;
      &lt;SIF_Timestamp&gt;2006-08-19T10:29:00-05:00&lt;/SIF_Timestamp&gt;
      &lt;SIF_SourceId&gt;RamseyLibraryAgent&lt;/SIF_SourceId&gt;
    &lt;/SIF_Header&gt;
  &lt;/SIF_OriginalHeader&gt;
  &lt;SIF_Category&gt;4&lt;/SIF_Category&gt;
  &lt;SIF_Code&gt;2&lt;/SIF_Code&gt;
  &lt;SIF_Desc&gt;Could not deliver StudentPicture Add to RamseyLibraryAgent (127,546 bytes) due to maximum buffer size of 16,384 bytes.&lt;/SIF_Desc&gt;
&lt;/SIF_LogEntry&gt;
</div></div><span class="caption">Example 6.9.2-4: SIF_LogEntry when a ZIS fails to deliver a message due to buffer size limitations</span></div>
    <a name="InstructionalServicesTaskForce" />
    <div class="navigation" id="bottomnavigation">
      <hr />
      <a href="index.html">home</a>
      <a href="HumanResourcesFinancialsWorkingGroup.html">previous</a>
      <a href="InstructionalServicesTaskForce.html">next</a>
      <a href="index.html#contents">table of contents</a>
    </div><p align='center'><a href='http://validator.w3.org/check?uri=referer'><img src='http://www.w3.org/Icons/valid-xhtml10' alt='Valid XHTML 1.0 Transitional'/></a></p></body>
</html>